High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
adobe -- dimension | Adobe Dimension versions 3.4.3 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious GIF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-44179 MISC MISC
adobe -- dimension | Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious GIF file. | 2021-12-20 | 9.3 | CVE-2021-44180 MISC MISC
adobe -- dimension | Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious GIF file. | 2021-12-20 | 9.3 | CVE-2021-44181 MISC MISC

adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EXR file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43021 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PNG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43022 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EPS/TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43023 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43024 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43025 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43026 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43028 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43029 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 9.3 | CVE-2021-43747 MISC
apache -- http_server | A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. | 2021-12-20 | 15 | CVE-2021-44790 MISC MLIST FEDORA CONFIRM
iresturant_project -- iresturant | RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands remotely | 2021-12-20 | 10 | MISC
numpy -- numpy | Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects. | 2021-12-17 | | CVE-2021-34141 MISC
tcman -- gim | TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx. | | | CVE-2021-40850 CONFIRM

Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
adobe -- audition | Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MP4 file. | 2021-12-20 | 4.3 | MISC
adobe -- audition | Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MP4 file. | 2021-12-20 | 4.3 | MISC
adobe -- audition | Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MOV file. | 2021-12-20 | 4.3 | CVE-2021-44697 MISC MISC
adobe -- dimension | Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file. | 2021-12-20 | 4.3 | CVE-2021-44182 MISC MISC
adobe -- dimension | Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | 2021-12-20 | 4.3 | MISC
adobe -- dimension | Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | 2021-12-20 | 4.3 | CVE-2021-44183 MISC MISC
adobe -- premiere_rush | Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | | 4.3 | CVE-2021-43748 MISC
adobe -- premiere_rush | Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | | 4.3 | CVE-2021-43749 MISC
adobe -- premiere_rush | Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | | 4.3 | CVE-2021-43750 MISC
adobe -- premiere_rush | Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. The issue results from the lack of proper initialization of memory prior to accessing it. | 2021-12-20 | 4.3 | CVE-2021-43746 MISC MISC
adobe -- premiere_rush | Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. The issue results from the lack of proper initialization of memory prior to accessing it. | 2021-12-20 | 4.3 | CVE-2021-43030 MISC MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 6.8 | CVE-2021-40784 MISC
adobe -- premiere_rush | Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | 2021-12-20 | 6.8 | CVE-2021-40783 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘health_filter’ parameter. | | 4 | CVE-2021-21926 MISC
apache -- http_server | A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). | 2021-12-20 | 6.4 | CVE-2021-44224 MISC MLIST FEDORA CONFIRM
apache -- log4j | Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0 and 2.12.3. | 2021-12-18 | 3 | CVE-2021-45105 MISC CONFIRM MLIST DEBIAN MISC CISCO CONFIRM CERT-VN CONFIRM CONFIRM MLIST FEDORA FEDORA
ciphercoin -- contact_form_7_database_addon_-_cfdb7 | Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon — CFDB7 WordPress plugin (versions <= 1.2.6.1). | 2021-12-22 | 4.3 | CVE-2021-36885 CONFIRM CONFIRM
ciphercoin -- contact_form_7_database_addon_-_cfdb7 | Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon — CFDB7 WordPress plugin (versions <= 1.2.5.9). | 2021-12-22 | 6.8 | CVE-2021-36886 CONFIRM MISC
ftpshell -- ftpshell_server | A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS). | 2021-12-17 | 5 | CVE-2020-18077 MISC
google -- android | In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672059. | 2021-12-17 | 4.6 | CVE-2021-0899 MISC
google -- android | In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672038. | 2021-12-17 | 4.6 | CVE-2021-0894 MISC
google -- android | In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05670549. | 2021-12-17 | 4.6 | CVE-2021-0897 MISC
google -- android | In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05671206. | 2021-12-17 | 4.6 | CVE-2021-0896 MISC
google -- android | In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672003. | 2021-12-17 | 4.6 | CVE-2021-0895 MISC
google -- android | In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672071. | 2021-12-17 | 4.6 | CVE-2021-0898 MISC
google -- android | In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687474. | 2021-12-17 | 4.6 | CVE-2021-0893 MISC
google -- android | In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687781. | 2021-12-17 | 4.6 | CVE-2021-0679 MISC
google -- android | In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05722511. | 2021-12-17 | 4.6 | CVE-2021-0678 MISC
google -- android | In Audio Aurisys HAL, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05977326; Issue ID: ALPS05977326. | 2021-12-17 | 4.6 | CVE-2021-0673 MISC
google -- android | In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05656488. | 2021-12-17 | 4.6 | CVE-2021-0903 MISC
google -- android | In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05664618. | 2021-12-17 | 4.6 | CVE-2021-0901 MISC
gpac -- gpac | A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash. | 2021-12-22 | | CVE-2021-45266 MISC
iorder_project -- iorder | Multiple Stored XSS Vulnerabilities in the Source Code of iOrder 1.0 allow remote attackers to execute arbitrary code via signup form in the Name and Phone number field. | 2021-12-20 | 4.3 | CVE-2021-43440 MISC MISC
laravel -- framework | OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17. | 2024-12-20 | 6.8 | CVE-2020-19316 MISC MISC
livehelperchat -- live_helper_chat | livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | 2021-12-18 | 6.8 | CVE-2021-4131 CONFIRM MISC
mediawiki -- mediawiki | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=mcrundo followed by action=mcrrestore to replace the content of any arbitrary page (that the user doesn't have edit rights for). This applies to any public wiki, or a private wiki that has at least one page set in $wgWhitelistRead. | 2021-12-17 | 4 | CVE-2021-44857 CONFIRM MISC
mediawiki -- mediawiki | An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. By using an action=rollback query, attackers can view private wiki contents. | 2021-12-17 | | CVE-2021-45038 CONFIRM MISC
mossle -- lemon | A cross-site scripting (XSS) vulnerability in the potrtalltemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML. | 2021-12-22 | 4.3 | CVE-2020-20597 MISC
mossle -- lemon | A cross-site scripting (XSS) vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML. | 2021-12-22 | 4.3 | CVE-2020-20598 MISC
numpy -- numpy | Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. | | 2 | CVE-2021-41495 MISC
numpy -- numpy | A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. | | 5 | CVE-2021-33430 MISC
 | An authenticated SQL injection issue in the calendar search function of OpenEMR 6.0.0 before patch 3 allows an attacker to read data from all tables of the database via the parameter provider_id, as demonstrated by the /interface/main/calendar/index.php?module=PostCalendar&func=search URI. | 2021-12-17 | 6.8 | MISC MISC FULLDISC
opms_project -- opms | A cross-site request forgery (CSRF) in OPMS v1.3 and below allows attackers to arbitrarily add a user account via /user/add. | | 4.3 | CVE-2020-20595 MISC
personal_blog_cms_project -- personal_blog_cms | Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in the /controller/CommentAdminController.java component. | 2021-12-22 | 4.3 | CVE-2020-20605 MISC
 | S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php. | | 4.3 | CVE-2020-20426 MISC MISC MISC
 | S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function. | | 4.3 | CVE-2020-20425 MISC MISC MISC
salesagility -- suitecrm | SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection. | 2021-12-19 | 6.5 | CVE-2021-45041 CONFIRM CONFIRM
sem-cms -- semcms | The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query. | 2021-12-17 | 5 | CVE-2020-18081 MISC
sem-cms -- semcms | A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password. | 2021-12-17 | | CVE-2020-18078 MISC
snipeitapp -- snipe-it | snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | 2021-12-18 | 6.8 | CVE-2021-4130 CONFIRM MISC
tcman -- gim | TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the redirection of user navigation to pages controlled by the attacker. The exploitation of this vulnerability might allow a remote attacker to obtain information. | 2021-12-17 | 5.8 | CVE-2021-40852 CONFIRM
tcman -- gim | TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx. The exploitation of this vulnerability might allow a remote attacker to obtain information. | 2021-12-17 | 5 | CVE-2021-40851 CONFIRM
tcman -- gim | TCMAN GIM does not perform an authorization check when trying to access determined resources. A remote attacker could exploit this vulnerability to access URL that require privileges without having them. The exploitation of this vulnerability might allow a remote attacker to obtain sensible information. | 2021-12-17 | 6.4 | CVE-2021-40853 CONFIRM
vmware -- workspace_one_uem_console | VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information. | 2021-12-17 | 5 | CVE-2021-22054 MISC
wechat-php-sdk_project -- wechat-php-sdk | Wechat-php-sdk v1.10.2 is affected by a Cross Site Scripting (XSS) vulnerability in Wechat.php. | 2021-12-17 | 4.3 | MISC
wolterskluwer -- teammate_audit_management | Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated user may download and execute malicious files. | 2021-12-17 | 6.8 | CVE-2021-44035 MISC MISC
X.Org -- X_server | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-12-17 | 4.6 | CVE-2021-4009 MISC MISC FEDORA FEDORA MISC DEBIAN
X.Org -- X_server | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-12-17 | 4.6 | CVE-2021-4011 MISC MISC FEDORA FEDORA MISC DEBIAN
X.Org -- X_server | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-12-17 | 4.6 | CVE-2021-4010 MISC MISC FEDORA FEDORA MISC DEBIAN
X.Org -- X_server | A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-12-17 | 4.6 | CVE-2021-4008 MISC MISC FEDORA FEDORA MISC DEBIAN

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
convos -- convos | A Stored Cross Site Scripting (XSS) issue exists in Convos-Chat before 6.32. | 2021-12-17 | 25 | CVE-2021-42584 MISC MISC MISC
google -- android | In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237. | 2021-12-17 | 2.1 | CVE-2021-0674 MISC
google -- android | In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863009; Issue ID: ALPS05863009. | 2021-12-17 | 2.1 | CVE-2021-0676 MISC
google -- android | In ccu driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827154; Issue ID: ALPS05827154. | 2021-12-17 | 2.1 | CVE-2021-0677 MISC
google -- android | In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672055. | 2021-12-17 | 2.1 | CVE-2021-0900 MISC
google -- android | In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05656484. | 2021-12-17 | 2.1 | CVE-2021-0902 MISC
ibm -- business_automation_workflow | IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209165. | 2021-12-17 | 3.5 |
ibm -- cloud_pak_for_automation | IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212357. | 2021-12-21 | 25 | CVE-2021-38966 XF CONFIRM
iresturant_project -- iresturant | Stored XSS in Signup Form in iResturant 1.0 Allows Remote Attacker to Inject Arbitrary code via NAME and ADDRESS field | 2021-12-20 | | CVE-2021-43438
livehelperchat -- live_helper_chat | livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | | | CVE-2021-4132
mattermost -- mattermost_server | Mattermost 6.0 and earlier fails to sufficiently validate parameters during post creation, which allows authenticated attackers to cause a client-side crash of the web application via a maliciously crafted post. | 2021-12-17 | 3.5 | MISC MISC
metinfo -- metinfo | MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerability in the $name parameter of admin/?n=column&c=index&a=doAddColumn. | 2021-12-22 | 3.5 |
tarteaucitron.js_-_cookies_legislation_&_gdpr_project -- tarteaucitron.js_-_cookies_legislation_&_gdpr | Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities were discovered in tarteaucitron.js — Cookies legislation & GDPR WordPress plugin (versions <= 1.6). | 2021-12-20 | 3.5 | CVE-2021-36889 MISC CONFIRM

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
requarks -- wiki.js | Wiki.js is a wiki app built on Node.js. Wiki.js versions 2.5.257 and earlier are vulnerable to stored cross-site scripting through a SVG file upload. By creating a crafted SVG file, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the SVG is viewed directly by other users. Scripts do not execute when loaded inside a page via normal <img> tags. Commit 5d3e81496fba1f0fbd64eeb855f30f69a9040718 fixes this vulnerability by adding an optional (enabled by default) SVG sanitization step to all file uploads that match the SVG mime type. As a workaround, disable file upload for all non-trusted users. Wiki.js version 2.5.260 is the first production version to contain a patch. Version 2.5.258 is the first development build to contain a patch and is available only as a Docker image as requarks/wiki:canary-2.5.258. | 2021-12-20 | not yet calculated | CVE-2021-43842 MISC MISC CONFIRM
4mosan_gcb_doctor -- 4mosan_gcb_doctor | 4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack. | 2021-12-20 | not yet calculated | CVE-2021-44159 CONFIRM
 | OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_kvsABODE oz. | 2021-12-20 | |
privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack.
acclaim -- usaherds | Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. | 2021-12-21 | not yet calculated | MISC MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘mac_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21928 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21937 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘health_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21936 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter2’ parameter. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21935 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘imei_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21934 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘esn_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21933 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘name_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21932 MISC
A specially-crafted HTTP request can lead to SQL injection. An 
advantech -- r-seenet attacker can make authenticated HTTP requests at‘ stat_filter’ 2021-12-22 not yet |CVE-2021-21931 
parameter to trigger this vulnerability. This can be done as any calculated |MISC 
authenticated user or through cross-site request forgery. 
A specially-crafted HTTP request can lead to SQL injection. An 
advantech -- r-seenet attacker can make authenticated HTTP requests to trigger this 2021-12-22 not yet CVE-2021-21922 
vulnerability at ‘username_filter’ parameter with the administrative calculated ||MISC 
account or through cross-site request forgery. 
A specially-crafted HTTP request can lead to SQL injection. An 
advantech -- r-seenet attacker can make authenticated HTTP requests at ‘prod_filter’ 2021-12-22 not yet |CVE-2021-21929 
parameter to trigger this vulnerability. This can be done as any calculated |MISC 
authenticated user or through cross-site request forgery. 
A specially-crafted HTTP request can lead to SQL injection. An 
advantech -- r-seenet attacker can make authenticated HTTP requests to trigger this 2021-12-22 notyet CVE-2021-21921 
vulnerability at ‘name_filter’ parameter with the administrative calculated |MISC 
account or through cross-site request forgery. 
A specially-crafted HTTP request can lead to SQL injection. An 
advantech -- r-seenet attacker can make authenticated HTTP requests to trigger these 2021-12-22 not yet CVE-2021-21927 
vulnerabilities. This can be done as any authenticated user or calculated |MISC 
through cross-site request forgery at ‘loc_filter’ parameter. 
An exploitable SQL injection vulnerability exist in the ‘group_list’ 
page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially- 
advantech -- r-seenet crafted HTTP request at 'description_filter’ parameter. An attacker 2021-12-22 not yet |CVE-2021-21916 
can make authenticated HTTP requests to trigger this calculated |MISC 
vulnerability. This can be done as any authenticated user or 
through cross-site request forgery. 
A specially-crafted HTTP request can lead to SQL injection. An 
advantech -- r-seenet attacker can make authenticated HTTP requests to trigger this 2021-12-22 not yet |CVE-2021-21920 
vulnerability at ‘surname_filter’ parameter with the administrative calculated |MISC 
account or through cross-site request forgery. 
A specially-crafted HTTP request can lead to SQL injection. An 
attacker can make authenticated HTTP requests to trigger this 
advantech -- r-seenet vulnerability at ord’ parameter. However, the high privilege super- || 2021-12-22 not yet k E 2021-21910 
H : ieee calculated ||MISC 
administrator account needs to be used to achieve exploitation 
without cross-site request forgery attack. 
A specially-crafted HTTP request can lead to SQL injection. An 
attacker can make authenticated HTTP requests to trigger this 
advantech -- r-seenet vulnerability at ‘name_filter’ parameter. However, the high 2021-12-22 ila E meme 











https://content.govdelivery.com/accounts/USDHSCISA/bulletins/302d8f4

Vulnerability Summary for the Week of December 20, 2021

advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘firm_filter’ parameter. | 2021-12-22 | not yet calculated | CVE-2021-21925 MISC
advantech -- r-seenet | An exploitable SQL injection vulnerability exists in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at ‘ord’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21917 MISC
advantech -- r-seenet | An exploitable SQL injection vulnerability exists in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at ‘company_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21915 MISC
advantech -- r-seenet | A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21912 MISC
advantech -- r-seenet | A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21911 MISC
advantech -- r-seenet | A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21910 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘company_filter’ parameter with the administrative account or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21923 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘desc_filter’ parameter. | 2021-12-22 | not yet calculated | CVE-2021-21924 MISC
advantech -- r-seenet | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘sn_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery. | 2021-12-22 | not yet calculated | CVE-2021-21930 MISC
ajax -- ajax.net_professional | Ajax.NET Professional (AjaxPro) is an AJAX framework available for Microsoft ASP.NET. Affected versions of this package are vulnerable to JavaScript object injection which may result in cross site scripting when leveraged by a malicious user. The affected core relates to JavaScript object creation when parsing json input. Releases before version 21.12.22.1 are affected. A workaround exists that replaces one of the core JavaScript files embedded in the library. See the GHSA-5q7q-qqw2-hjq7 for workaround details. | 2021-12-22 | not yet calculated | CVE-2021-43853 CONFIRM MISC MISC
anker_eufy -- homebase | An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted man-in-the-middle attack can lead to increased privileges. | 2021-12-22 | not yet calculated | CVE-2021-21953 MISC
anker_eufy -- homebase | An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges. | 2021-12-22 | not yet calculated | CVE-2021-21952 MISC
anuko -- time_tracker | Anuko Time Tracker is an open source, web-based time tracking application written in PHP. SQL injection vulnerabilities exist in multiple files in Time Tracker version 1.19.33.5606 and prior due to improper checking of the "group" and "status" parameters in POST requests. Group parameter is posted along when navigating between organizational subgroups (groups.php file). Status parameter is used in multiple files to change a status of an entity such as making a project, task, or user inactive. This issue has been patched in version 1.19.33.5607. An upgrade is highly recommended. If an upgrade is not practical, introduce ttValidStatus function as in the latest version and start using it in user input check blocks wherever status field is used. For groups.php fix, introduce ttValidInteger function as in the latest version and use it in the access check block in the file. | 2021-12-22 | not yet calculated | CVE-2021-43851 CONFIRM MISC MISC
apache -- cordova | cordova-plugin-fingerprint-aio is a plugin that provides a single and simple interface for accessing fingerprint APIs on both Android 6+ and iOS. In versions prior to 5.0.1, the exported activity ‘de.niklasmerz.cordova.biometric.BiometricActivity’ can cause the app to crash. This vulnerability occurred because the activity didn't handle the case where it is requested with invalid or empty data, which results in a crash. Any third party app can constantly call this activity with no permission. A 3rd party app/attacker using an event listener can continually stop the app from working and make the victim unable to open it. Version 5.0.1 of the cordova-plugin-fingerprint-aio doesn't export the activity anymore and is no longer vulnerable. If you want to fix older versions, change the attribute android:exported in plugin.xml to false. Please upgrade to version 5.0.1 as soon as possible. | 2021-12-23 | not yet calculated | CVE-2021-43849 CONFIRM MISC MISC
apache -- parquet | Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions. | 2021-12-20 | not yet calculated | CVE-2021-41561 MISC MLIST
apache -- plc | Apache PLC4X - PLC4C (Only the C language implementation was affected) was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a malicious device which could send a response with invalid content. Currently we consider the probability of this being exploited as quite minimal, however this could change in the future, especially with the industrial networks growing more and more together. | 2021-12-19 | not yet calculated | CVE-2021-43083 MISC MLIST
apache -- solr | An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB attacks, which may result in: * The exfiltration of sensitive data such as OS user hashes (NTLM/LM hashes), * In case of misconfigured systems, SMB Relay Attacks which can lead to user impersonation on SMB Shares or, in a worse-case scenario, Remote Code Execution. This issue affects all Apache Solr versions prior to 8.11.1. This issue only affects Windows. | 2021-12-23 | not yet calculated
apple -- ios | An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud. | 2021-12-23 | not yet calculated | CVE-2017-2375 MISC
apple -- ios_and_watchos | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 11.2, watchOS 4.2. An application may be able to execute arbitrary code with kernel privilege. | 2021-12-23 | not yet calculated | CVE-2017-13880 MISC MISC
apple -- macos_high_sierra | A validation issue was addressed with improved logic. This issue is fixed in macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan. An attacker with physical access to a device may be able to elevate privileges. | 2021-12-23 | not yet calculated | CVE-2018-4478 MISC
apple -- macos_high_sierra | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13. An application may be able to execute arbitrary code with elevated privileges. | 2021-12-23 | not yet calculated | CVE-2017-13835 MISC
apple -- macos_high_sierra | An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information. This issue is fixed in macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan. Sharing contact information may lead to unexpected data sharing. | 2021-12-23 | not yet calculated
apple -- macos_mojave | CVE-2019-8643: Arun Sharma of VMWare This issue is fixed in macOS Mojave 10.14. Description: A logic issue was addressed with improved state management. | 2021-12-23 | not yet calculated
apple -- multiple_products | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. A malicious application may be able to execute arbitrary code with kernel privileges. | 2021-12-23 | not yet calculated | MISC
apple -- multiple_products | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. A malicious application may be able to overwrite arbitrary files. | 2021-12-23 | not yet calculated | CVE-2020-3896 MISC
apple -- multiple_products | This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier. | 2021-12-23 | not yet calculated | CVE-2019-8702 MISC MISC MISC
apple -- multiple_products | This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges. | 2021-12-23 | not yet calculated | CVE-2019-8703 MISC MISC MISC MISC
apple -- multiple_products | A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution. | 2021-12-23 | not yet calculated | MISC MISC MISC
apple -- multiple_products | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A local user may be able to modify protected parts of the file system. | 2021-12-23 | not yet calculated | MISC MISC MISC MISC
apple -- remote_desktop | A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was addressed by implementing the Secure Remote Password authentication protocol. This issue is fixed in Apple Remote Desktop 3.9. An attacker may be able to capture cleartext passwords. | 2021-12-23
apple -- multiple_products | A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges. | 2021-12-23 | not yet calculated | CVE-2017-13905 MISC MISC MISC MISC
apple -- macos_high_sierra | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A malicious application may be able to elevate privileges. | 2021-12-23 | not yet calculated | CVE-2017-13906 MISC MISC
apple -- macos_high_sierra | An issue in handling file permissions was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A local attacker may be able to execute non-executable text files via an SMB share. | 2021-12-23 | not yet calculated | CVE-2017-13908 MISC MISC
apple -- macos_high_sierra | An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens. | 2021-12-23 | not yet calculated | CVE-2017-13909 MISC
apple -- macos_high_sierra | An access issue was addressed with additional sandbox restrictions on applications. This issue is fixed in macOS High Sierra 10.13. An application may be able to access restricted files. | 2021-12-23
apple -- macos_high_sierra | A state management issue was addressed with improved state validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan. The screen lock may unexpectedly remain unlocked. | 2021-12-23 | not yet calculated | CVE-2017-13907 MISC
archivy -- archivy | archivy is vulnerable to Cross-Site Request Forgery (CSRF) | 2021-12-25 | not yet calculated | CVE-2021-4162 CONFIRM MISC
armmbed -- mbed_tls | In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. | 2021-12-21
armmbed -- mbed_tls | In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. | 2021-12-21 | not yet calculated | MISC MISC
armmbed -- mbed_tls | Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. | 2021-12-20 | not yet calculated | CVE-2021-44732 CONFIRM MISC CONFIRM CONFIRM CONFIRM CONFIRM
autodesk -- pdftron | A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDF earlier than 9.0.7 version. | | not yet calculated | MISC
autodesk -- pdftron | A maliciously crafted PDF file prior to 9.0.7 may be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
exposes direct SQL commands via POST data in order to select
data for report generation. A malicious actor can use the bi report
endpoint as a direct SQL prompt under the authenticated user.

blackmagic_design -- davinci_resolve | When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the uninitialized member will be dereferenced and then destroyed using the object’s virtual destructor. Due to the object property being uninitialized, this can result in dereferencing an arbitrary pointer for the object’s virtual method table, which can result in code execution under the context of the application. | 2021-12-22 | not yet calculated | CVE-2021-40418
blackmagic_design -- davinci_resolve | When parsing a file that is submitted to the DPDecoder service as a job, the service will use the combination of decoding parameters that were submitted with the job along with fields that were parsed for the submitted video by the R3D SDK to calculate the size of a heap buffer. Due to an integer overflow with regards to this calculation, this can result in an undersized heap buffer being allocated. When this heap buffer is written to, a heap-based buffer overflow will occur. This can result in code execution under the context of the application. | 2021-12-22
chain_sea_ -- ai_chatbot_system | Chain Sea ai chatbot backend has improper filtering of special characters in URL parameters, which allows a remote attacker to perform JavaScript injection for XSS (reflected Cross-site scripting) attack without authentication. | 2021-12-20 | not yet calculated | CVE-2021-44163 CONFIRM
chain_sea_ -- ai_chatbot_system | Chain Sea ai chatbot system’s file upload function has insufficient filtering for special characters in URLs, which allows a remote attacker to bypass file type validation, upload malicious script and execute arbitrary code without authentication, in order to take control of the system or terminate service. | 2021-12-20 | not yet calculated | CONFIRM
chain_sea_ -- ai_chatbot_system | Chain Sea ai chatbot system’s specific file download function has path traversal vulnerability. The function has improper filtering of special characters in URL parameters, which allows a remote attacker to download arbitrary system files without authentication. | 2021-12-20 | not yet calculated | CVE-2021-44162 CONFIRM
crypto-org-chain -- cronos | Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction fees from Cosmos SDK's FeeCollector for the current block by sending a custom crafted MsgEthereumTx. This problem has been patched in Cronos v0.6.5. There are no tested workarounds. All validator node operators are recommended to upgrade to Cronos v0.6.5 at their earliest possible convenience. | 2021-12-21 | not yet calculated | CONFIRM MISC
cve-search -- cve-search | lib/DatabaseLayer.py in cve-search before 4.1.0 allows regular expression injection, which can lead to ReDoS (regular expression denial of service) or other impacts. | 2021-12-23 | not yet calculated | MISC MISC MISC
dalmark -- system_systeams | 2021-12-21 | not yet calculated | CVE-2021-44874 MISC
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The bi report module
dalmark -- system_systeams | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. This issue occurs during the password recovery procedure for a given user, where a difference in messages could allow an attacker to determine if the given user is valid or not, enabling a brute force attack with valid users. | 2021-12-21 | not yet calculated | CVE-2021-44875 MISC
dalmark -- system_systeams | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. This issue occurs during the identification of the correct tenant for a given user, where a difference in messages could allow an attacker to determine if the given user is valid or not, enabling a brute force attack with valid users. | 2021-12-21 | not yet calculated | CVE-2021-44876 MISC
dalmark -- system_systeams | Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. A broken access control vulnerability has been found while using a temporary generated token in order to consume api resources. The vulnerability allows an unauthenticated attacker to use an api endpoint to generate a temporary JWT token that is designed to reference the correct tenant prior to authentication, to request system configuration parameters using direct api requests. The correct exploitation of this vulnerability causes sensitive information exposure. In case the tenant has an smtp credential set, the full credential information is disclosed. | 2021-12-21 | not yet calculated | CVE-2021-44877 MISC
dell -- emc_avamar_server | Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation on the AUI. | 2021-12-21 | not yet calculated | CVE-2021-36316 CONFIRM
dell -- emc_avamar_server | Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in Avinstaller. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 2021-12-21 | not yet calculated | CVE-2021-36317 CONFIRM
dell -- emc_avamar_server | Dell EMC Avamar versions 18.2, 19.1, 19.2, 19.3, 19.4 contain a plain-text password storage vulnerability. A high privileged user could potentially exploit this vulnerability, leading to a complete outage. | 2021-12-21 | not yet calculated | CVE-2021-36318 CONFIRM
dell -- powerpath_management_applicance | Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use a hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges. | | not yet calculated | CVE-2021-43587 CONFIRM
dell -- powerscale_onefs | Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication. | 2021-12-21
dell -- wyse_device_agent | Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive data exposure vulnerability. A local authenticated user with low privileges could potentially exploit this vulnerability in order to access sensitive information. | 2021-12-21 | not yet calculated | CVE-2021-36341 CONFIRM
dell -- wyse_management_suite | Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data. | 2021-12-21 | not yet calculated | CVE-2021-36337 CONFIRM
dell -- wyse_management_suite | Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could allow an unauthenticated attacker to execute code on the affected system. | 2021-12-21 | not yet calculated | CVE-2021-36336 CONFIRM
delta_electronics -- diaenergie | DIAEnergie Version 1.7.5 and prior is vulnerable to multiple cross-site scripting vulnerabilities when arbitrary code is injected into the parameter “name” of the script “HandlerEnergyType.ashx”. | 2021-12-22 | not yet calculated | CVE-2021-44544 MISC
delta_electronics -- diaenergie | DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “descr” of the script “DIAE_hierarchyHandler.ashx”. | 2021-12-22 | not yet calculated | CVE-2021-31558 MISC
delta_electronics -- diaenergie | DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “name” of the script “DIAE_HandlerAlarmGroup.ashx”. | 2021-12-22 | not yet calculated | CVE-2021-44471 MISC
delta_electronics -- diaenergie | DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross-site scripting attack through error pages that are returned by “.NET Request.QueryString”. | 2021-12-22 | not yet calculated | CVE-2021-23228 MISC
e2guardian -- e2guardian | e2guardian v5.4.x <= v5.4.3r is affected by missing SSL certificate validation in the SSL MITM engine. In standalone mode (i.e., acting as a proxy or a transparent proxy), with SSL MITM enabled, e2guardian, if built with OpenSSL v1.1.x, did not validate hostnames in certificates of the web servers that it connected to, and thus was itself vulnerable to MITM attacks. | 2021-12-23 | not yet calculated | CVE-2021-44273 MISC MISC MLIST
eap -- eap | The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage. | 2021-12-23 | not yet calculated | CVE-2021-20318 MISC
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elgg -- elgg 


elgg is vulnerable to Improper Neutralization of Input During Web 
Page Generation ('Cross-site Scripting’) 


2021-12-24 


not yet 
calculated 


CVE-2021-4072 


MISC 
CONFIRM 





enc_security -- datavault | ENC DataVault 7.1.1W and VaultAPI v67, which is currently being used in various other applications, mishandles key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names). | 2021-12-22 | not yet calculated | CVE-2021-36750 MISC MISC

f-secure -- antivirus_engine | A vulnerability affecting F-Secure antivirus engine was discovered whereby scanning MS outlook .pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. | 2021-12-22 | not yet calculated | [illegible]

freepbx -- freepbx | FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19. | 2021-12-22 | not yet calculated | CVE-2021-45461 CONFIRM CONFIRM MISC

fuji_electric -- v-server_lite_and_tellus_lite_v-simulator | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service. | 2021-12-20 | not yet calculated | CVE-2021-38409 MISC

fuji_electric -- v-server_lite_and_tellus_lite_v-simulator | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to a stack-based buffer overflow, which may allow an attacker to achieve code execution. | 2021-12-20 | not yet calculated | CVE-2021-38413 MISC

fuji_electric -- v-server_lite_and_tellus_lite_v-simulator | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an untrusted pointer dereference, which may allow an attacker to execute arbitrary code and cause the application to crash. | 2021-12-20 | not yet calculated | CVE-2021-38401 MISC

fuji_electric -- v-server_lite_and_tellus_lite_v-simulator | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to a heap-based buffer overflow when parsing a specially crafted project file, which may allow an attacker to execute arbitrary code. | 2021-12-20 | not yet calculated | CVE-2021-38415 MISC

fuji_electric -- v-server_lite_and_tellus_lite_v-simulator | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds write, which can result in data corruption, a system crash, or code execution. | 2021-12-20 | not yet calculated | CVE-2021-38419 MISC

fuji_electric -- v-server_lite_and_tellus_lite_v-simulator | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds read, which may allow an attacker to read sensitive information from other memory locations or cause a crash. | 2021-12-20 | not yet calculated | CVE-2021-38421 MISC

garrett -- metal_detectors | Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete function does not attempt to sanitize or otherwise validate the contents of the [file] parameter (passed to the function as argv[1]), allowing an authenticated attacker to supply directory traversal primitives and delete semi-arbitrary files. | 2021-12-22 | not yet calculated | CVE-2021-21908 MISC

garrett -- metal_detectors | Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21909 MISC

garrett -- metal_detectors | A directory traversal vulnerability exists in the CMA CLI getenv command functionality of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted command line argument can lead to local file inclusion. An attacker can provide malicious input to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21907 MISC

garrett -- metal_detectors | Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA Connect”, to interact with the iC Module on behalf of the user. Every time a user submits a password to the CLI password prompt, the buffer containing their input is passed as the password parameter to the checkPassword function. | 2021-12-22 | not yet calculated | CVE-2021-21906 MISC

garrett -- metal_detectors | Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA Connect”, to interact with the iC Module on behalf of the user. After a client successfully authenticates, they can send plaintext commands to manipulate the device. | 2021-12-22 | not yet calculated | CVE-2021-21905 MISC

garrett -- metal_detectors | A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors’ iC Module CMA Version 5.0. An attacker can provide malicious input to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21904 MISC

garrett -- metal_detectors | A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21903 MISC

garrett -- metal_detectors | An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authentication bypass via session hijacking. An attacker can send a sequence of requests to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21902 MISC

garrett -- metal_detectors | A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to memcpy. An attacker can send a malicious packet to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21901 MISC

gerbv_project -- gerbv | An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-40394 MISC

gerbv_project -- gerbv | An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-40393 MISC

gnome -- gimp | GEGL before 0.4.34, as used (for example) in GIMP before 2.10.30, allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. | 2021-12-23 | not yet calculated | CVE-2021-45463 MISC MISC MISC MISC

gnu -- gnu | An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service. | 2021-12-22 | not yet calculated | CVE-2021-45261 MISC

gnuplot -- gnuplot | A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause an Arithmetic exception and application crash. | 2021-12-21 | not yet calculated | CVE-2021-44917

[illegible] | Adding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a Server Side Request Forgery (SSRF) | 2021-12-22 | not yet calculated | CVE-2021-44659 MISC MISC MISC MISC

google -- chrome | Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38019 MISC MISC

google -- chrome | Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2021-12-23 | not yet calculated | [illegible] MISC MISC

google -- chrome | Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38018 MISC MISC

google -- chrome | Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38022 MISC MISC

google -- chrome | Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38017 MISC MISC

google -- chrome | Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38016 MISC MISC

google -- chrome | Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | 2021-12-23 | not yet calculated | CVE-2021-38015 MISC MISC

google -- chrome | Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38014 MISC MISC

google -- chrome | Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38021 MISC MISC

google -- chrome | Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4068 MISC MISC

google -- chrome | Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38011 MISC MISC

google -- chrome | Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4061 MISC MISC

google -- chrome | Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4067 MISC MISC

google -- chrome | Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4066 MISC MISC

google -- chrome | Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4065 MISC MISC

google -- chrome | Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4004 MISC MISC

google -- chrome | Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4063 MISC MISC

google -- chrome | Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4062 MISC MISC

google -- chrome | Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4078 MISC MISC

google -- chrome | Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4059 MISC MISC

google -- chrome | Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. | 2021-12-23 | not yet calculated | CVE-2021-4079 MISC MISC

google -- chrome | Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4058 MISC MISC

google -- chrome | Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4057 MISC MISC

google -- chrome | Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4056 MISC MISC

google -- chrome | Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | 2021-12-23 | not yet calculated | CVE-2021-4055 MISC MISC

google -- chrome | Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4054 MISC MISC

google -- chrome | Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-4053 MISC MISC

google -- chrome | Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | 2021-12-23 | not yet calculated | CVE-2021-4052 MISC MISC

google -- chrome | Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38012 MISC MISC

google -- chrome | Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38013 MISC MISC

google -- chrome | Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38010 MISC MISC

google -- chrome | Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38006 MISC MISC

google -- chrome | Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38005 MISC MISC

google -- chrome | Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38009 MISC MISC

google -- chrome | Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38007 MISC MISC

google -- chrome | Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-12-23 | not yet calculated | CVE-2021-38008 MISC MISC

gpac -- gpac | An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service. | 2021-12-21 | not yet calculated | CVE-2021-44924 MISC

gpac -- gpac | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash. | 2021-12-21 | not yet calculated | [illegible]

gpac -- gpac | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentation fault and application crash. | 2021-12-21 | not yet calculated | [illegible]

gpac -- gpac | A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, which causes a segmentation fault and application crash. | 2021-12-22 | not yet calculated | [illegible]

gpac -- gpac | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, which causes a segmentation fault and application crash. | 2021-12-21 | not yet calculated | [illegible]

gpac -- gpac | An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. | 2021-12-21 | not yet calculated | CVE-2021-45297 MISC

gpac -- gpac | The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | 2021-12-21 | not yet calculated | [illegible]

gpac -- gpac | The gf_dump_setup function in GPAC 1.0.1 allows malicious users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | 2021-12-21 | not yet calculated | [illegible]

gpac -- gpac | An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash. | 2021-12-22 | not yet calculated | CVE-2021-45284 MISC

gpac -- gpac | A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL. | 2021-12-21 | not yet calculated | [illegible]

gpac -- gpac | A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denial of Service via a crafted file in the MP4Box command. | 2021-12-21 | not yet calculated | CVE-2021-45288 MISC

gpac -- gpac | A null pointer dereference vulnerability exists in the gpac in the gf_node_get_tag function, which causes a segmentation fault and application crash. | 2021-12-21 | not yet calculated | [illegible] MISC

gpac -- gpac | An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash. | 2021-12-21 | not yet calculated | [illegible] MISC

gpac -- gpac | A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and application crash. | 2021-12-21 | not yet calculated | [illegible] MISC

gpac -- gpac | A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function, which causes a segmentation fault and application crash. | 2021-12-21 | not yet calculated | [illegible] MISC

gpac -- gpac | A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash. | 2021-12-21 | not yet calculated | [illegible] MISC

gpac -- gpac | An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, which causes a segmentation fault and application crash. | 2021-12-22 | not yet calculated | [illegible] MISC

gpac -- gpac | An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash. | 2021-12-22 | not yet calculated | [illegible]

gpac -- gpac | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash. | [illegible] | not yet calculated | [illegible]

gpac -- gpac | A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function, which causes a segmentation fault and application crash. | 2021-12-22 | not yet calculated | [illegible]

gpac -- gpac | An invalid memory address dereference vulnerability exists in gpac 1.1.0 via the svg_node_start function, which causes a segmentation fault and application crash. | 2021-12-22 | not yet calculated | [illegible]

groupsession -- multiple_products | Incorrect permission assignment for critical resource vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to access arbitrary files on the server and obtain sensitive information via unspecified vectors. | 2021-12-24 | not yet calculated | CVE-2021-20874 MISC MISC

groupsession -- multiple_products | Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an administrative privilege to obtain sensitive information stored in the hierarchy above the directory on the published site's server via unspecified vectors. | 2021-12-24 | not yet calculated | CVE-2021-20876 MISC MISC

groupsession -- multiple_products | Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks by having a user to access a specially crafted URL. | 2024-12-24 | not yet calculated | CVE-2021-20875 MISC MISC

gurock -- testrail | Gurock TestRail before 7.2.4 mishandles HTML escaping. | 2021-12-20 | not yet calculated | CVE-2021-44263 CONFIRM

hivex -- hivex | A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability. | 2021-12-23 | not yet calculated | [illegible] MISC [illegible] FEDORA MISC MISC

humhub -- humhub | HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue. | 2021-12-20 | not yet calculated | CVE-2021-43847 MISC MISC MISC MISC CONFIRM

ibm -- business_process_manager | IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209512. | 2021-12-21 | not yet calculated | CVE-2021-38893 XF CONFIRM CONFIRM

ibm -- business_process_manager | IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access controls. IBM X-Force ID: 209607. | 2021-12-21 | not yet calculated | CVE-2021-38900 CONFIRM CONFIRM XF

ibm -- cloud_pak_for_security | IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user to obtain sensitive information in HTTP responses that could be used in further attacks against the system. IBM X-Force ID: 213651. | 2021-12-22 | not yet calculated | CVE-2021-39013 XF CONFIRM [illegible]

idec_plcs -- idec_plcs | Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the attacker may access the PLC Web server and hijack the PLC, and manipulation of the PLC output and/or suspension of the PLC may be conducted. | 2021-12-24 | not yet calculated | CVE-2021-20827 MISC MISC

idec_plcs -- idec_plcs | Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from the communication between the PLC and the software. As a result, the complete access privileges to the PLC Web server may be obtained, and manipulation of the PLC output and/or suspension of the PLC may be conducted. | 2024-12-24 | not yet calculated | [illegible] MISC

invoiceninja -- invoiceninja | invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | [illegible] | not yet calculated | CVE-2021-3977 [illegible] CONFIRM

jfrog_artifactory -- jfrog_artifactory | JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL Injection by a low privileged authenticated user due to incomplete validation when performing an SQL query. | 2021-12-20 | not yet calculated | [illegible]

js-data -- js-data | All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of [CVE-2020-28442](https://snyk.io/vuln/SNYK-JS-JSDATA-1023655) | 2021-12-24 | not yet calculated | CVE-2021-23574 [illegible] CONFIRM [illegible] [illegible] CONFIRM CONFIRM

jsx-slack -- jsx-slack | jsx-slack is a package for building JSON objects for Slack block kit surfaces from JSX. The maintainers found the patch for CVE-2021-43838 in jsx-slack v4.5.1 is insufficient for protection from a Regular Expression Denial of Service (ReDoS) attack. If an attacker can put a lot of JSX elements into `<blockquote>` tag _with including multibyte characters_, an internal regular expression for escaping characters may consume an excessive amount of computing resources. v4.5.1 passes the test against ASCII characters but misses the case of multibyte characters. jsx-slack v4.5.2 has updated regular expressions for escaping blockquote characters to prevent catastrophic backtracking. It is also including an updated test case to confirm rendering multiple tags in `<blockquote>` with multibyte characters. | 2021-12-20 | not yet calculated | CVE-2021-43843 CONFIRM MISC MISC MISC

kataras -- iris | This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder. | 2021-12-24 | not yet calculated | [illegible] CONFIRM CONFIRM

lantronix -- premierwave | A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 2021-12-22 | not yet calculated | [illegible]

lantronix -- premierwave | An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | [illegible] | not yet calculated | [illegible]

lantronix -- premierwave | Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An attacker can make authenticated HTTP requests to trigger this vulnerability. | 2021-12-22 | not yet calculated | [illegible]

lantronix -- premierwave | Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An attacker can make authenticated HTTP requests to trigger this vulnerability. | 2021-12-22 | not yet calculated | [illegible]

lantronix -- premierwave | A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 2021-12-22 | not yet calculated | [illegible]

lantronix -- premierwave | A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 2021-12-22 | not yet calculated | [illegible]

lantronix -- premierwave | An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 2021-12-22 | not yet calculated | [illegible]

lantronix -- premierwave | A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 2021-12-22 | not yet calculated | [illegible]

lantronix -- premierwave | An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | 2021-12-22 | not yet calculated | CVE-2021-21884 MISC

lantronix -- premierwave 


A stack-based buffer overflow vulnerability exists in the Web 
Manager FsUnmount functionality of Lantronix PremierWave 2050 
8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead 
to remote code execution. An attacker can make an authenticated 
HTTP request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21892 
MISC 








lantronix -- premierwave 


An OS command injection vulnerability exists in the Web Manager 
SslGenerateCertificate functionality of Lantronix PremierWave 
2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can 
lead to arbitrary command execution. An attacker can make an 
authenticated HTTP request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21888 
MISC 








lantronix -- premierwave 


A stack-based buffer overflow vulnerability exists in the Web 
Manager FsBrowseClean functionality of Lantronix PremierWave 
2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can 
lead to remote code execution in the vulnerable portion of the 
branch (deletefile). An attacker can make an authenticated HTTP 
request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21891 
MISC 








lantronix -- premierwave 


A local file inclusion vulnerability exists in the Web Manager 
Applications and FsBrowse functionality of Lantronix PremierWave 
2050 8.9.0.0R4. A specially-crafted series of HTTP requests can 
lead to local file inclusion. An attacker can make a series of 
authenticated HTTP requests to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21878 
MISC 








lantronix -- premierwave 


A directory traversal vulnerability exists in the Web Manager 
FsMove functionality of Lantronix PremierWave 2050 8.9.0.0R4. A 
specially crafted HTTP request can lead to local file inclusion. An 
attacker can make an authenticated HTTP request to trigger this 
vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21885 
MISC 








lantronix -- premierwave 


A directory traversal vulnerability exists in the Web Manager 
FSBrowsePage functionality of Lantronix PremierWave 2050 
8.9.0.0R4. A specially crafted HTTP request can lead to 
information disclosure. An attacker can make an authenticated 
HTTP request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21886 
MISC 








lantronix -- premierwave 


A stack-based buffer overflow vulnerability exists in the Web 
Manager Ping functionality of Lantronix PremierWave 2050 
8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead 
to remote code execution. An attacker can make an authenticated 
HTTP request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21889 
MISC 








lantronix -- premierwave 


An OS command injection vulnerability exists in the Web Manager 
Diagnostics: Ping functionality of Lantronix PremierWave 2050 
8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary 
command execution. An attacker can make an authenticated 
HTTP request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21883 
MISC 








lantronix -- premierwave 


A stack-based buffer overflow vulnerability exists in the Web 
Manager FsBrowseClean functionality of Lantronix PremierWave 
2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can 
lead to remote code execution in the vulnerable portion of the 
branch (deletedir). An attacker can make an authenticated HTTP 
request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21890 
MISC 








lantronix -- premierwave 


A directory traversal vulnerability exists in the Web Manager 
FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in 
QEMU). A specially crafted HTTP request can lead to arbitrary file 
overwrite FsTFtp file disclosure. An attacker can make an 
authenticated HTTP request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21894 
MISC 








lantronix -- premierwave 


An OS command injection vulnerability exists in the Web Manager 
FsUnmount functionality of Lantronix PremierWave 2050 
8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary 
command execution. An attacker can make an authenticated 
HTTP request to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21882 
MISC 








lantronix -- premierwave 


A directory traversal vulnerability exists in the Web Manager 
FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in 
QEMU). A specially crafted HTTP request can lead to FsTFtp file 
overwrite. An attacker can make an authenticated HTTP request 
to trigger this vulnerability. 


2021-12-22 


not yet 
calculated 


CVE-2021-21895 
MISC 








lantronix -- premierwave 








A directory traversal vulnerability exists in the Web Manager
FsCopyFile functionality of Lantronix PremierWave 2050
8.9.0.0R4. A specially-crafted HTTP request can lead to local file
inclusion. An attacker can make an authenticated HTTP request to
trigger this vulnerability.








2021-12-22 





not yet 
calculated 





CVE-2021-21880 
MISC 

lantronix -- premierwave
A directory traversal vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary file deletion. An attacker can make an authenticated HTTP request to trigger this vulnerability.
2021-12-22

lantronix -- premierwave
A directory traversal vulnerability exists in the Web Manager File Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary file overwrite. An attacker can make an authenticated HTTP request to trigger this vulnerability.
2021-12-22

lib/cmd.js -- lib/cmd.js
lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter.
2021-12-22
not yet calculated
CVE-2021-45459 MISC MISC

linux -- linux_kernel
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
2021-12-25
not yet calculated
MISC MISC

linux -- linux_kernel
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
2021-12-22
not yet calculated
MISC MISC

linux -- linux_kernel
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
2021-12-23
not yet calculated
MISC MISC

linux -- linux_kernel
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
2021-12-25
not yet calculated
CVE-2021-45485 MISC MISC MISC

linux -- linux_kernel
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances.
2021-12-24
not yet calculated
CVE-2021-45480 MISC MISC

mart_developers_inc -- iorder
An HTML Injection Vulnerability in iOrder 1.0 allows the remote attacker to execute Malicious HTML codes via the signup form
2021-12-20
not yet calculated
CVE-2021-43444 MISC MISC

mediawiki -- mediawiki
In MediaWiki through 1.37, XSS can occur in Wikibase because an external identifier property can have a URL format that includes a $1 formatter substitution marker, and the javascript: URL scheme (among others) can be used.
2021-12-24
not yet calculated
CVE-2021-45472 MISC MISC

mediawiki -- mediawiki
In MediaWiki through 1.37, the Special:ImportFile URI (aka FileImporter) allows XSS, as demonstrated by the clientUrl parameter.
2021-12-24
not yet calculated
CVE-2021-45474 MISC MISC

mediawiki -- mediawiki
In MediaWiki through 1.37, Wikibase item descriptions allow XSS, which is triggered upon a visit to an action=info URL (aka a page-information sidebar).
2021-12-24
not yet calculated
CVE-2021-45473 MISC MISC

mediawiki -- mediawiki
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. It is possible to use action=edit&undo= followed by action=mcrundo and action=mcrrestore to view private pages on a private wiki that has at least one page set in $wgWhitelistRead.
2021-12-20
not yet calculated
CVE-2021-44858 CONFIRM MISC

mediawiki -- mediawiki
In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items.
2021-12-24
not yet calculated
CVE-2021-45471 MISC MISC MISC

mesa_labs -- amegaview
Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.
2021-12-21

mesa_labs -- amegaview
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.
2021-12-21

mesa_labs -- amegaview
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
2021-12-21
not yet calculated

mesa_labs -- amegaview
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.
2021-12-21
not yet calculated

mesa_labs -- amegaview
Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.
2021-12-21
not yet calculated

msedgeredirect -- msedgeredirect
MSEdgeRedirect is a tool to redirect news, search, widgets, weather, and more to a user's default browser. MSEdgeRedirect versions before 0.5.0.1 are vulnerable to Remote Code Execution via specifically crafted URLs. This vulnerability requires user interaction and the acceptance of a prompt. With how MSEdgeRedirect is coded, parameters are impossible to pass to any launched file. However, there are two possible scenarios in which an attacker can do more than a minor annoyance. In Scenario 1 (confirmed), a user visits an attacker controlled webpage; the user is prompted with, and downloads, an executable payload; the user is prompted with, and accepts, the aforementioned crafted URL prompt; and RCE executes the payload the user previously downloaded, if the download path is successfully guessed. In Scenario 2 (not yet confirmed), a user visits an attacker controlled webpage; the user is prompted with, and accepts, the aforementioned crafted URL prompt; and a payload on a remote, attacker controlled, SMB server is executed. The issue was found in the _DecodeAndRun() function, in which I incorrectly assumed _WinAPI_UrlIs() would only accept web resources. Unfortunately, file:/// passes the default _WinAPI_UrlIs check(). File paths are now directly checked for and must fail. There is no currently known exploitation of this vulnerability in the wild. A patched version, 0.5.0.1, has been released that checks for and denies these crafted URLs. There are no workarounds for this issue. Users are advised not to accept any unexpected prompts from web pages.
2021-12-20
not yet calculated
CVE-2021-43844 CONFIRM MISC

myscada -- mypro
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.
2021-12-23
not yet calculated
CVE-2021-23198 MISC

myscada -- mypro
An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and prior that is not exposed through the web interface, which cannot be deleted or changed through the regular web interface.
2021-12-23
not yet calculated
CVE-2021-43987 MISC

myscada -- mypro
mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping utility, which may allow an attacker to inject arbitrary operating system commands.
2021-12-23
not yet calculated
MISC

myscada -- mypro
mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker to crack the previously retrieved password hashes.
2021-12-23
not yet calculated
MISC

myscada -- mypro
mySCADA myPRO: Versions 8.20.0 and prior has a feature to send emails, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.
2021-12-23
not yet calculated
MISC

myscada -- mypro
An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any form of authentication or authorization.
2021-12-23
not yet calculated
CVE-2021-42985 MISC

myscada -- mypro
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.
2021-12-23
not yet calculated
CVE-2021-43984 MISC

myscada -- mypro
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.
2021-12-23
not yet calculated
CVE-2021-22657 MISC

nasm -- nasm
A Null Pointer Dereference vulnerability exists in nasm 2.16rc0 via asm/preproc.c.
2021-12-22
not yet calculated
CVE-2021-45256 MISC

nasm -- nasm
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.
2021-12-22
not yet calculated
CVE-2021-45257 MISC

netapp -- storagegrid
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager.
2021-12-23
not yet calculated
CVE-2021-27006 MISC

netapp -- virtual_desktop_service
NetApp Virtual Desktop Service (VDS) when used with an HTML5 gateway is susceptible to a vulnerability which when successfully exploited could allow an unauthenticated attacker to takeover a Remote Desktop Session.
2021-12-23
not yet calculated
CVE-2021-27007 MISC

netbsd -- netbsd
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
2021-12-25
not yet calculated
MISC

netbsd -- netbsd
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
2021-12-25
not yet calculated
MISC

netbsd -- netbsd
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
2021-12-25
not yet calculated
MISC MISC

netbsd -- netbsd
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
2021-12-25
not yet calculated
CVE-2021-45484 MISC MISC

nltk -- nltk
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability is present in PunktSentenceTokenizer, sent_tokenize and word_tokenize. Any users of this class, or these two functions, are vulnerable to the ReDoS attack. In short, a specifically crafted long input to any of these vulnerable functions will cause them to take a significant amount of execution time. If your program relies on any of the vulnerable functions for tokenizing unpredictable user input, then we would strongly recommend upgrading to a version of NLTK without the vulnerability. For users unable to upgrade the execution time can be bounded by limiting the maximum length of an input to any of the vulnerable functions. Our recommendation is to implement such a limit.
2021-12-23
not yet calculated
MISC CONFIRM MISC

nvidia -- geforce
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream.
2021-12-23
not yet calculated
CVE-2021-23175 CONFIRM

online_enrollment_management_system
The id parameter from Online Enrollment Management System system appears to be vulnerable to SQL injection attacks. A red payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve sensitive information for all users of this system.
2021-12-23
not yet calculated
CVE-2021-44599 MISC

open5gs -- open5gs
In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF.
2021-12-23
not yet calculated
CVE-2021-45462 MISC

open_design_alliance -- drawings_explorer
An out-of-bounds read vulnerability exists when reading a BMP file using Open Design Alliance (ODA) Drawings Explorer before 2022.12. The specific issue exists after loading BMP files. Unchecked input data from a crafted BMP file leads to an out-of-bounds read. An attacker can leverage this vulnerability to execute code in the context of the current process.
2021-12-21
not yet calculated
CVE-2021-44423 MISC

open_design_alliance -- drawings_sdk
An Improper Input Validation Vulnerability exists when reading a BMP file using Open Design Alliance Drawings SDK before 2022.12. Crafted data in a BMP file can trigger a write operation past the end of an allocated buffer, or lead to a heap-based buffer overflow. An attacker can leverage this vulnerability to execute code in the context of the current process.
2021-12-21
not yet calculated
CVE-2021-44422 MISC

opendesign -- drawings_sdk
An out-of-bounds read vulnerability exists when reading a TGA file using Open Design Alliance Drawings SDK before 2022.12. The specific issue exists after loading TGA files. An unchecked input data from a crafted TGA file leads to an out-of-bounds read. An attacker can leverage this vulnerability to execute code in the context of the current process.
2021-12-21
not yet calculated
CVE-2021-44859 MISC

opendesign -- drawings_sdk
An out-of-bounds read vulnerability exists when reading a TIF file using Open Design Alliance Drawings SDK before 2022.12. The specific issue exists after loading TIF files. An unchecked input data from a crafted TIF file leads to an out-of-bounds read. An attacker can leverage this vulnerability to execute code in the context of the current process.
2021-12-21
not yet calculated
CVE-2021-44860 MISC

opmantek -- open-audit
An issue was discovered in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker to perform command execution without echoes.
2021-12-22
not yet calculated
MISC

opmantek -- open-audit_community
Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser.
2021-12-20
not yet calculated
CVE-2021-44916 MISC MISC MISC

parse-link-header -- parse-link-header
The package parse-link-header before 2.0.0 are vulnerable to a Regular Expression Denial of Service (ReDoS) via the checkHeader function.
2021-12-24
not yet calculated
CONFIRM CONFIRM

pimcore -- pimcore
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2021-12-21
not yet calculated
CONFIRM

pjsip -- pjsip
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against the actual received packet size, potentially resulting in an out-of-bound read access. This issue affects all users that use PJMEDIA and RTCP. A malicious actor can send a RTCP BYE message with an invalid reason length. Users are advised to upgrade as soon as possible. There are no known workarounds.
2021-12-22
not yet calculated
CVE-2021-43804 CONFIRM MISC

pjsip -- pjsip
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.
2021-12-22
not yet calculated
CVE-2021-37706 CONFIRM MISC

podman -- podman
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM.
2021-12-23
not yet calculated
CVE-2021-4024 MISC MISC

prestashop -- prestashop
PrestaShop before 1.5.2 allows XSS via the "<object data='data:text/html" substring in the message field.
2021-12-21
not yet calculated
CVE-2012-20001 MISC

privoxy -- privoxy
An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encoding the template name when Privoxy is configured to serve the user-manual itself.
2021-12-23
not yet calculated
CVE-2021-44543 MISC MISC

privoxy -- privoxy
A memory leak vulnerability was found in Privoxy when handling errors.
2021-12-23
not yet calculated
MISC

privoxy -- privoxy
A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination.
2021-12-23
not yet calculated
CVE-2021-44541 MISC MISC

privoxy -- privoxy
A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing.
2021-12-23
not yet calculated
CVE-2021-44540 MISC MISC

projectworlds -- hospital_management_system
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php.
2021-12-22
not yet calculated
MISC

projectworlds -- hospital_management_system
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php.
2021-12-22
not yet calculated
MISC

projectworlds -- hospital_management_system
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.
2021-12-22
not yet calculated
MISC

projectworlds -- hospital_management_system
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web server.
2021-12-22
not yet calculated
CVE-2021-43630 MISC MISC MISC

projectworlds -- online_book_store
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book.
not yet calculated
CVE-2021-43156 MISC

projectworlds -- online_book_store
Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php.
2021-12-22
not yet calculated
CVE-2021-43157

projectworlds -- online_book_store
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php.
not yet calculated
CVE-2021-43155 MISC

projectworlds -- online_book_store
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart.
2021-12-22
CVE-2021-43158 MISC MISC

pytorch_lightning -- pytorch_lightning
pytorch-lightning is vulnerable to Deserialization of Untrusted Data
2021-12-23
not yet calculated
CVE-2021-4118 MISC CONFIRM

quest -- kace_desktop_authority
Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery.
2021-12-22

quest -- kace_desktop_authority
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at /images/{GUID}/{filename}.
2021-12-22
not yet calculated
CVE-2021-44031 MISC

quest -- kace_desktop_authority
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known (due to the presence of CVE-2017-11317, CVE-2017-11357, or other means). A default setting for the type whitelisting feature in more current versions of ASP.NET AJAX prevents exploitation.
2021-12-22
not yet calculated
CVE-2021-44029 MISC

quest -- kace_desktop_authority
XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285.
2021-12-22

realtek
A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security.
2021-12-22
not yet calculated
CVE-2021-39306 MISC MISC

rockoa -- rockoa
A cross-site request forgery (CSRF) in Rockoa v1.9.8 allows an authenticated attacker to arbitrarily add an administrator account.
2021-12-22
not yet calculated
MISC

samsung -- printers
The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required.
2021-12-20
not yet calculated
CVE-2021-42913 MISC MISC

simple -- cold_storage_management_system
The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was executed.
not yet calculated
CVE-2021-45253 MISC

simple -- forum_discussion_system
Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are manage_topic.php, manage_user.php, and ajax.php. The attacker can be retrieving all information from the database of this system by using this vulnerability.
2021-12-21

The password parameter on Simple Online Mens Salon 
dimple online mens: Salonamana ayaneeeasnt System (MSMS) 1.0 appears to be vulnerable to 
p'e_ = Z = gqnt jet ON attacks through the password parameter. The 
- ade : ge : : not yet |CVE-2021-44600 
Simple online: mens salon mana SANS ‘eit of this application interacted with that domain, 2021-12-23 calculated |MISC 
p'e = = = dfe Ati yy atthe injected SQL query was executed. The attacker me 
can retrieve all authentication and information about the users of 
this system. 

solarwinds -- orion
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.
2021-12-20
not yet calculated
CVE-2021-35248 MISC MISC MISC

solarwinds -- orion
The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload
2021-12-20
not yet calculated
MISC MISC
solarwinds -- orion | Numerous exposed dangerous functions within Orion Core allow for read-only SQL injection leading to privilege escalation. An attacker with low-user privileges may steal password hashes and password salt information. | 2021-12-20 | not yet calculated | CVE-2021-35234 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC
solarwinds -- web_help_desk | The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.6 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload data that is saved on the server with a user-supplied URL, while the DELETE method requests that the origin server remove the association between the target resource and its current functionality. Improper use of these methods may lead to a loss of integrity. | 2021-12-23 | not yet calculated | CVE-2021-35243 MISC
solidusio -- solidus | `solidus_frontend` is the cart and storefront for the Solidus e-commerce project. Versions of `solidus_frontend` prior to 3.1.5, 3.0.5, and 2.11.14 contain a cross-site request forgery (CSRF) vulnerability that allows a malicious site to add an item to the user's cart without their knowledge. Versions 3.1.5, 3.0.5, and 2.11.14 contain a patch for this issue. The patch adds CSRF token verification to the "Add to cart" action. Adding forgery protection to a form that missed it can have some side effects. Other CSRF protection strategies as well as a workaround involving modification to `config/application.rb` are available. More details on these mitigations are available in the GitHub Security Advisory. | 2021-12-20 | not yet calculated | MISC CONFIRM
sonicwall -- sma100_series | A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions. | 2021-12-23 | not yet calculated | CVE-2021-20049 CONFIRM
sonicwall -- sma100_series | An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data. | 2021-12-23 | not yet calculated | CONFIRM
engineers online portal | In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host header comes in. This header specifies which website should process the HTTP request. The web server uses the value of this header to dispatch the request to the specified website. Each website hosted on the same IP address is called a virtual host. It is possible to send requests with arbitrary Host headers to the first virtual host. | 2021-12-20 | not yet calculated | MISC
sssd -- sssd | A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | 2021-12-23 | not yet calculated | CVE-2021-3621 MISC MISC
starcharge -- multiple_products | Certain Starcharge products are affected by Improper Input Validation. The affected products include: Nova 360 Cabinet <= 1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0 and Titan 180 Premium <= 1.3.0.0.6 - Fixed: 1.3.0.0.9. | 2021-12-22 | not yet calculated | CVE-2021-45419 MISC MISC MISC
starcharge -- multiple_products | Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected products include: Nova 360 Cabinet <=1.3.0.0.6 - Fixed: 1.3.0.0.9 and Titan 180 Premium <=1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0. | 2021-12-22 | not yet calculated | CVE-2021-45418 MISC MISC MISC
stormshield -- stormshield_endpoint_security | Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control. | 2021-12-21 | not yet calculated | CVE-2021-45091 MISC
stormshield -- stormshield_endpoint_security | Stormshield Endpoint Security before 2.1.2 allows remote code execution. | 2021-12-21 | not yet calculated | CVE-2021-45090 MISC
stormshield -- stormshield_endpoint_security | Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. | 2021-12-21 | not yet calculated | CVE-2021-45089 MISC





thales -- safenet_agent | A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine. | 2021-12-20 | not yet calculated | CVE-2021-42138 MISC
thales -- sentinel_protection_installer | Improper Access Control in Thales Sentinel Protection Installer could allow a local user to escalate privileges. | 2021-12-20 | not yet calculated | CVE-2021-42808 MISC
thales -- sentinel_protection_installer | Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection Installer could allow the execution of arbitrary code. | 2021-12-20 | not yet calculated | CVE-2021-42500 MISC
theforeman -- foreman | A server side remote code execution vulnerability was found in Foreman project. An authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability of system. Fixed releases are 2.4.1, 2.5.1, 3.0.0. | 2021-12-23 | not yet calculated | CVE-2021-3584 MISC MISC MISC
thinfinity -- virtualui | Thinfinity VirtualUI before 3.0 allows a malicious actor to enumerate users registered in the OS (Windows) through the /changePassword URI. By accessing the vector, an attacker can determine if a username exists thanks to the message returned; it can be presented in different languages according to the configuration of VirtualUI. Common users are administrator, admin, guest and krgtbt. | 2021-12-20 | not yet calculated
thinkcmf -- thinkcmf | An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbitrary code via a crafted packet. | 2021-12-22 | not yet calculated | CVE-2020-20601 MISC
tp-link -- ax10v1 | A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack. | 2021-12-17 | not yet calculated | MISC MISC
tp-link -- wifi_router | TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection. | | not yet calculated | CVE-2021-4144 CONFIRM
uti_mutual_fund_android_application -- uti_mutual_fund_android_application | An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers to brute force enumeration of usernames determined by the error message returned after invalid credentials are attempted. | 2024-12-23 | not yet calculated | CVE-2020-35398 MISC MISC
video-sharing website | The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was executed. | 2021-12-21 | not yet calculated | CVE-2021-45255 MISC
vim -- vim | vim is vulnerable to Heap-based Buffer Overflow | 2021-12-19 | not yet calculated | CVE-2021-4136 CONFIRM MISC
vim -- vim | vim is vulnerable to Out-of-bounds Read | 2021-12-25 | not yet calculated | CVE-2021-4166 CONFIRM MISC
vmware -- workspace_one_access | VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response. | 2021-12-20 | not yet calculated
vmware -- workspace_one_access | VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass vulnerability. A malicious actor, who has successfully provided first-factor authentication, may be able to obtain second-factor authentication provided by VMware Verify. | 2021-12-20 | not yet calculated
webassembly -- binaryen | A Denial of Service vulnerability exists in Binaryen 103 due to an assertion abort in wasm::handle_unreachable. | 2021-12-21 | not yet calculated | CVE-2021-45290 MISC
webassembly -- binaryen | A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet. | 2021-12-21 | not yet calculated
webkitgtk -- webkitgtk | In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. | 2021-12-25 | not yet calculated | CVE-2021-45483 MISC
webkitgtk -- webkitgtk | In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. | 2021-12-25 | not yet calculated | CVE-2021-45482 MISC
webkitgtk -- webkitgtk | In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. | 2021-12-25 | not yet calculated | CVE-2021-45481 MISC
wordpress -- directorist | The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to Remote File Upload leading to arbitrary PHP shell uploads in the wp-content/plugins directory. | 2021-12-21 | not yet calculated | CVE-2021-24981 MISC MISC
wordpress -- logo_carousel | The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature | 2021-12-21 | not yet calculated | CVE-2021-24739 MISC
wordpress -- logo_carousel | The Logo Carousel WordPress plugin before 3.4.2 does not validate and escape the "Logo Margin" carousel option, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks | 2021-12-21 | not yet calculated | CVE-2021-24738 MISC
wordpress -- sportspress | The SportsPress WordPress plugin before 2.7.9 does not sanitise and escape its match_day parameter before outputting back in the Events backend page, leading to a Reflected Cross-Site Scripting issue | 2021-12-21 | not yet calculated | CVE-2021-24578 MISC
wordpress -- wcfm_marketplace | The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, available to unauthenticated and authenticated users, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections | 2021-12-21 | not yet calculated | CVE-2021-24849 MISC
wordpress -- wordpress | The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7, used by the niwoocos_ajax AJAX action, available to all authenticated users, does not properly sanitise the sort parameter before using it in a SQL statement, leading to an SQL injection, exploitable by any authenticated users, such as subscriber | 2021-12-21 | not yet calculated | CVE-2021-24846 MISC
wordpress -- wordpress | The Contact Form, Drag and Drop Form Builder for WordPress plugin before 1.8.0 does not escape the status parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue | 2021-12-21 | not yet calculated | CVE-2021-24907 MISC
wordpress -- wordpress | The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.0.5 does not sanitise and escape the message_id parameter of the get_message_action_row AJAX action before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue | 2021-12-21 | not yet calculated
wordpress -- wordpress | The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.8.7 does not sanitise and escape the b2sShowByDate parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue | 2021-12-21 | not yet calculated | CVE-2021-24956 MISC
wordpress -- wordpress | Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered in tarteaucitron.js - Cookies legislation & GDPR WordPress plugin (versions <= 1.5.4), vulnerable parameters "tarteaucitronEmail" and "tarteaucitronPass". | 2021-12-20 | not yet calculated | CVE-2021-36887 CONFIRM MISC
wordpress -- wp_visitor_statistics | The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks | 2021-12-21 | not yet calculated | CVE-2021-24750 MISC CONFIRM
wuzhi cms | A cross-site scripting (XSS) vulnerability in the system bulletin component of WUZHI CMS v4.1.0 allows attackers to steal the admin's cookie. | 2021-12-21 | not yet calculated
zohocorp -- manageengine_log360 | Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin configurations. | 2021-12-23 | not yet calculated | CVE-2021-44526 MISC
zohocorp -- manageengine_log360 | Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state. | 2021-12-20 | not yet calculated | CVE-2021-44676 CONFIRM MISC
zohocorp -- manageengine_log360 | Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required. | 2021-12-20 | not yet calculated | CVE-2021-44675 CONFIRM
zohocorp -- manageengine_log360 | Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required. | 2021-12-20 | not yet calculated | CVE-2021-44525 CONFIRM